Fast Track Workshop Abstracts | Training Institute

Unified Attack Surface Management

Attack and Defense Methodologies

To protect an organization, it is key to understand how it can be breached. In this workshop, participants will learn what tools and methodologies threat actors use to breach an organization. The participants will play the role of the threat actor and explore the anatomy of an attack to see how easy it is to penetrate an organization.

Once breached, the participants will then go on to deploy and configure different Fortinet products to understand exactly how these solutions can break the kill chain. Participants will learn how to stop and limit the progression of the very same cyberattacks they launched earlier.

Participants who attend this workshop will learn how to:

Understand the anatomy of an attack, also known as a kill chain
Understand the tools and techniques threat actors use to breach an organization
Attack a fictitious organization using these tools
Deploy the Fortinet Security Fabric to protect against known and unknown threats

Format	(2) 4-hour technical workshops
Objective	Provide a compelling, hands-on learning experience about who threat actors are, what tools and methodologies they use, and how to use the Security Fabric to break the kill chain. Participants will compete in teams against each other to see who can obtain the most posts.

Breaking the Kill Chain with AI-Driven Breach Protection

To protect your enterprise against sophisticated threats, it is important to establish a comprehensive and cohesive security infrastructure that is broad enough to cover all attack vectors, powerful enough to run the latest security technologies, and automated to keep pace with fast-moving attacks.

Participants who attend this workshop will learn:

Apply solutions in different stages of the kill chain
how to detect advanced and zero-day threats.
how to disrupt threat actors.
how to bolster security operations.

Format	4-hour technical workshop
Objective	Provide a compelling hands-on learning experience for FortiSandbox, FortiNDR, and FortiDeceptor and experience how these solutions can be used to augment an organization’s foundation security in order to break the kill chain.

Unified Network

Cybersecurity for Safe, Reliable, Secure Industrial Control Systems (ICS)

Convergence is blurring the lines between IT and OT, creating an opportunity to improve the visibility, control, and situational awareness necessary for critical systems. Failure to take the wide range of security issues into account when converging these two very different networks and networking philosophies can result in catastrophic network failures that risk critical systems and the life and well-being of workers and communities.

In this workshop, participants learn about the Fortinet Security Fabric, the first ever architectural security approach designed to dynamically adapt to unique needs of legacy OT environments while enabling the move toward modernizing these critical systems. Leveraging the Purdue Model for the security layers needed in OT, the multi-layered approach provided by the Security Fabric provides broad, integrated, and automated protection against sophisticated threats.

Participants who attend this workshop will learn how to:

Configure internal segmentation
Explore FortiNAC visibility of assets
Implement FortiGate access control
Configure Virtual Patching through IPS
Configure industrial protocol visibility and security
Implement deception using FortiDeceptor
Securely control, monitor, and audit contractor access with FortiPAM

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about the Security Fabric and teach participants how to craft a comprehensive security solution that solves safety and availability needs of OT and control systems.

SD-Branch: LAN Edge Wired and Wireless

Fortinet secure access architecture powered by FortiLink is uniquely suited to SD-Branch deployments, with Ethernet switch and wireless access point management built into the same platform that drives our Secure SD-WAN solution, the FortiGate and FortiOS.

In this workshop, participants learn how enabling FortiLink between FortiSwitch, FortiAP, and a FortiGate integrates the devices into the FortiGate network security platform. Thus, the FortiSwitch and FortiAP can be managed directly from the familiar FortiGate interface or via the FortiManager. This single pane of glass management provides complete visibility and control of all users and devices on the network, regardless of how they connect.

Participants who attend this workshop will learn how to:

Create a FortiLink interface
Authorize FortiSwitch and FortiAP devices
Create VLANs and policies
Create SSIDs
Configure radio frequency (RF) parameters
Assign firewall policies to FortiGate interfaces
Configure Network Access Control (NAC) Policies
Configure MCLAG

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about SD-Branch solution with FortiSwitch, FortiAP, and FortiLink to teach participants the benefits of integrating the devices using FortiLink and how to enable a common security policy across the network, extending the protection of the firewall out to the edge

Constructing a Secure SD-WAN Architecture

As businesses rely more on cloud-based applications, organizations with remote offices and distributed workforces must adapt their network infrastructure. Traditional WANs, often using costly MPLS or leased lines, route all traffic through centralized data centers, creating latency, performance bottlenecks, and operational complexity. Managing multiple point products adds to the challenge, increasing visibility gaps and troubleshooting difficulties.

This workshop explores how SD-WAN offers a dynamic, cost-effective alternative to static WAN architecture. Participants will learn how Fortinet’s Secure SD-WAN enhances performance, reduces costs, and integrates security directly into the network. Through centralized management and advanced traffic optimization, organizations can improve cloud application access, streamline operations, and maintain robust security across their distributed environments.

Participants who attend this workshop will learn how to:

Configure and deploy SD-WAN using the FortiManager SD-WAN Orchestrator
Create and validate SD-WAN performance SLAs and rules
Implement and verify the ADVPN solution
Test and validate SLA and WAN link failure scenarios

Format	4-hour technical workshop
Objective	Provide a compelling hands-on learning experience about SD-WAN and teach participants to understand an agile and cost-effective architectural network solution.

Deploying Security Strategies for the Modern Network

Today’s networks are highly complex, with evolving threats and increasing pressure on IT and security teams to protect their organizations. Firewalls have become multifunctional security devices, but managing multiple point products without integration creates visibility and management challenges. Organizations also need fast, scalable security to protect against internet-borne threats, web-based attacks, and growing network demands.

In this workshop, participants will learn how Fortinet’s unified security approach streamlines protection across various use cases. FortiGate integrates NGFW features with specialized processors and FortiGuard Labs intelligence for high-performance security. The Fortinet Security Fabric offers centralized visibility, automated threat response, and seamless protection for cloud applications, IoT, and web traffic.

Participants who attend this workshop will learn how to:

Configure basic FortiGate settings for routing, firewall policies, and security profiles.
Set up a Fortinet Security Fabric with centralized logging, visibility, and automation.
Leverage FortiGuard AI-powered security services for real-time threat detection, web filtering, application control, and malware prevention.
Segment and secure the network with ISFW, ZTNA, and ADVPN for optimized remote access and WAN usage.

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about the Fortinet NGFW and teach participants how to fortify your enterprise network with the Fortinet NGFW solution, which solves the challenges of today’s highly adaptive threat landscape, provides enhanced visibility into cloud applications and IoT devices, and protects the entire dynamic environment with automated action.

Managing a Cybersecurity Platform at Scale

In this workshop, participants will learn how to integrate multiple Fortinet devices to provide unified security across the network, regardless of the location of network assets and users. Device integration and automation are essential as organizations undergo digital transformation to reduce complexity and enhance defenses against evolving threats.

At the heart of this solution is FortiManager, which revolutionizes network management and security operations by automating routine tasks and leveraging intelligent insights. Participants will also discover how to integrate FortiGate, FortiAnalyzer, FortiSandbox, and FortiMail as part of a Security Fabric to provide comprehensive real-time cybersecurity protection from users to applications. By deploying this solution, organizations can grow and adapt to new threats, making their network more proactive and adaptable.

Participants who attend this workshop will learn how to:

Configure central management
Deploy the Security Fabric
Improve visibility and coordination across devices
Use low-touch provisioning (LTP) to deploy remote devices
Provide zero-day protection using sandboxing
Integrate email protection across the network
Use REST API and the FortiAI Security Assistant
Leverage FortiAI Assistant to develop a REST API script in Python

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about integrating multiple Fortinet devices to provide unified network security.

Unified SASE

Proactive Advanced Endpoint Detection and Response

Endpoints are frequently the target of initial compromise or attacks. One recent study found that 30% of breaches involved malware being installed on endpoints. Fortinet endpoint solutions strengthen endpoint security through integrated visibility, control, and proactive defense.

FortiClient can discover, monitor, and assess endpoint risks, so you can ensure endpoint compliance, mitigate risks, and reduce exposure. Its tight integration with the Fortinet Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient also provides secure remote access with ZTNA, built-in VPN, single sign-on, and two-factor authentication for added security.

FortiEDR delivers advanced, real-time threat protection for endpoints both pre- and post-infection. It proactively reduces the attack surface, prevents malware infection, detects and defuses potential threats in real time, and can automate response and remediation procedures with customizable playbooks.

Participants who attend this workshop will learn how to:

Integrate FortiClient EMS into the Security Fabric
Deploy the custom FortiClient installer
Configure FortiClient EMS to apply ZTNA tags to endpoints that FortiGate can use to dynamically control access to subnets and corporate assets
Deploy FortiEDR collector
Apply FortiEDR virtual patching to workstation
Configure FortiEDR pre- and post-execution scanning policies
Filter, sort, and view events in FortiEDR
Perform forensic analysis in FortiEDR

Format	4-hour technical workshop
Objective	Provide a compelling hands-on learning experience to understand how to strengthen endpoint security through integrated visibility, control, and proactive defense.

Securing the Hybrid Workforce with SASE

FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations. AI-powered secure web gateway (SWG), zero-trust network access (ZTNA), cloud access security broker (CASB), Firewall-as-a-Service (FWaaS), and secure SD-WAN all run on one OS and can all be managed with a single console.

Participants who attend this workshop will learn how to:

achieve Secure Internet Access (SIA) and Secure SaaS Access (SSA) for any user using FortiSASE.
set up Secure Private Access (SPA) to internal resources using FortiSASE.
use FortiSASE Universal ZTNA.
view FortiSASE Logs and Reports.

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about Fortinet’s Unified SASE solution, seamlessly integrating essential networking and security technologies delivered via the cloud, ensuring secure access for the hybrid workforce and safeguarding applications and data on any cloud.

Delivering and Securing Modern Applications

Modern organizations rely on web applications and APIs that span data centers, private and public clouds, and SaaS environments, exposing them to new security, performance, and availability challenges. As businesses grow, users expect applications to be always available, fast, and secure. IT teams must respond quickly to changing demand, deploy new applications, and ensure continuous availability for users everywhere, all while defending against evolving cyber threats.

In this workshop, participants explore how the Fortinet Application Delivery and Security portfolio helps address these challenges through a combined approach to protecting applications and APIs, delivering applications reliably, and supporting flexible self-managed and SaaS-based operating models. This includes FortiWeb for granular application and API protection, FortiADC for application delivery and resilience, and FortiAppSec Cloud for SaaS-delivered application security at the cloud edge.

Participants who attend this workshop will learn how to:

Configure and validate application and API security controls.
Deploy and optimize application delivery and access.
Integrate authentication, logging, and analytics for improved visibility and control.

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience that demonstrates how Fortinet application security and delivery solutions can help protect, optimize, and simplify the delivery of web applications and APIs.

Unified SOC Platform

Simplify SOC with Security Fabric Analytics and Automation

Security teams around the world are struggling with the complexity of operations. Common issues include: Too many consoles, too many alerts, manual and slow response, and shortage of cybersecurity personnel.

The Fortinet Security Fabric provides a solution to these security challenges. Broad visibility and control of an organization’s entire digital attack surface minimizes risk. An integrated solution reduces the complexity of supporting multiple point products. Automation of security workflows increases the speed of operation. All of these features enable an organization to maximize the impact and effectiveness of a lean security team.

FortiAnalyzer, part of the Fortinet Security Fabric, addresses the complexity of operations that security teams around the world face. FortiAnalyzer enables an organization to maximize the impact and effectiveness of a lean security team. It does this by providing broad visibility and control of an organization’s entire digital attack surface, an integrated solution reducing the complexity of supporting multiple point products, and automating of security workflows increasing the speed of operations.

In this Fast Track, attendees will gain hands-on experience and see how the solution provides organizations with advanced logging and reporting, Security Fabric analytics and Security Fabric automation.

Participants who attend this workshop will learn how to:

Understand the benefits of using FortiAnalyzer to simplify SOC operations.
Use playbooks to automate workflows in order reduce the work load on the security team.
Use FortiGate event handlers to automate actions via automation stitches.
Work with analytics logs and generate custom reports.

Format	4-hour technical workshop
Objective	Attend this technical training workshop and gain hands-on experience and see how FortiAnalyzer enables teams to simplify security operations in enterprises, with any level SOC maturity, to smoothly integrate security, visibility, and automation.

Advanced Email Security Solution

In this workshop, participants learn how FortiMail replaces incumbent secure email gateways with a product tailored for advanced threat defense, including Office 365 integration and Client to Authenticator Protocol (CTAP) program. FortiMail email security shields users, and ultimately data, from a wide range of cyber threats. These include: ever-growing volumes of unwanted spam, socially-engineered phishing and business email compromise, accelerating variants of ransomware and other malware, increasingly targeted attacks from adversaries of all kinds, and more. At the same time, FortiMail can be used to protect sensitive data of all types, reducing the risk of inadvertent loss and/ or non-compliance with regulations like HIPAA, PCI, GDPR, and more.

Participants who attend this workshop will learn how to:

Understand how FortiMail can stop advanced threats
Understand the key benefits of Office 365 integration
Apply content disarm and reconstruction (CDR) to remove active content from attached files (FortiMail)
Leverage CTAP for email
Gain hands-on experience with FortiMail

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on learning experience about FortiMail and teach how to protect your organization from phishing, unwanted spam, social engineering, business email compromise, malware, and advanced targeted attacks via email.

Educational Challenge: Threat Hunting using MITRE ATT&CK™ TTPs to Identify Adversarial Behaviors

In this workshop, participants learn how to use Fortinet analytics products to hunt for threats using TTPs.

Participants will assume the role of a security analyst and be asked to identify any undetected threats on AcmeCorp's network. To do this they will make use of MITRE ATT&CK™, which is a knowledge base of adversary behavior based on real-world observations.

The challenge is set up with several exercises set around the technical goals the adversary is trying to achieve (ATT&CK™ Tactics), for example, Initial Access, Persistence, Privilege Escalation, Command and Control. Participants will be asked to detect any techniques being used by an adversary to achieve these goals.

In this Fast Track, attendees will gain hands-on experience developing and understanding the analytics needed to discover the techniques used by adversaries during a cyber security breach.

Participants who attend this workshop will learn how to:

What is the MITRE ATT&CK framework and how it can be used
What are the TTPs that threat Actor’s use to carry out a breach
Use FortiEDR Threat Hunting capabilities to uncover threats on the network
Use FortiSIEM analytics to discovery attacker behavior based on attack techniques
Use FortiDecepter to find attacker activity and shorten attacker dwell time

Format	4-hour technical workshop
Objective	Provide a compelling, hands-on experience developing and understanding the analytics needed to discover the techniques used by adversaries during a cyber security breach.

Advanced Analytics

As enterprises evolve, new technologies emerge, and cybercriminals introduce more sophisticated attacks, security leaders and their teams face various challenges in securing the organization’s networks. Security Operations Center (SOC) teams often struggle with the overwhelming task of investigating alerts and responding to threats, frequently needing to consolidate data from multiple tools to analyze and resolve incidents. This excessive workload impedes their ability to detect and address critical attacks swiftly.

The course will focus on real-time threat monitoring with FortiSIEM and the automation of security workflows using FortiSOAR. These solutions reduce manual effort, lower operational costs, and strengthen security posture. By the end of the course, participants will be equipped with the knowledge to leverage Fortinet’s advanced security technologies to enhance visibility, mitigate cyber risks, and optimize their organization’s security operations.

Participants who attend this workshop will learn how to:

Explore the CMDB to track devices, applications, and configuration changes.
Use built-in reports, rules, and threat intelligence to enhance security detection.
Manage and investigate security incidents efficiently.
Leverage analytics tools to execute queries and gain actionable insights.
Utilize dashboards for real-time visibility and data analysis.
Automate case management, incident response, and workflow policies.
Reduce alert fatigue by centralizing security alerts and enriching them with context.
Integrate Fortinet solutions with existing security controls for a unified response.

Format	4-hour technical workshop
Objective	Participants will gain the skills to use Fortinet’s advanced security technologies like FortiSIEM and FortiSOAR to enhance visibility, mitigate risks, and optimize security operations.